![](/screenshots/17b1bd2b-c7f5-4d9b-8f42-f9a72a016a2f.png)
mai-emi.com
Open in
urlscan Pro
2a06:98c1:3121::3
Malicious Activity!
Public Scan
Submission: On December 02 via automatic, source openphish — Scanned from NL
Summary
This is the only time mai-emi.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Bank of America (Banking)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
2 | 2a06:98c1:312... 2a06:98c1:3121::3 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
5 | 192.229.133.92 192.229.133.92 | 15133 (EDGECAST) (EDGECAST) | |
13 | 3 |
Apex Domain Subdomains |
Transfer | |
---|---|---|
5 |
bac-assets.com
secure2.bac-assets.com — Cisco Umbrella Rank: 199327 |
12 KB |
2 |
mai-emi.com
mai-emi.com |
36 KB |
13 | 2 |
Domain | Requested by | |
---|---|---|
5 | secure2.bac-assets.com |
mai-emi.com
|
2 | mai-emi.com |
mai-emi.com
|
13 | 2 |
This site contains links to these domains. Also see Links.
Domain |
---|
www.bankofamerica.com |
Subject Issuer | Validity | Valid | |
---|---|---|---|
secure2.bac-assets.com Entrust Certification Authority - L1M |
2021-12-20 - 2022-12-20 |
a year | crt.sh |
This page contains 1 frames:
Primary Page:
http://mai-emi.com/b0a/dispute/login/designs/verify.html
Frame ID: 3841EADA45221C08DA22FCF746AED084
Requests: 14 HTTP requests in this frame
2 Outgoing links
These are links going to different origins than the main page.
Search URL Search Domain Scan URL
Title: Secure Area
Search URL Search Domain Scan URL
Redirected requests
There were HTTP redirect chains for the following requests:
13 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
Primary Request
verify.html
mai-emi.com/b0a/dispute/login/designs/ |
421 KB 35 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
assets-images-global-logos-BofA_rgb-CSX5624a146.svg
secure2.bac-assets.com/sparta/auth/forgot/spa-assets/images/ |
3 KB 2 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
assets-images-site-secure-ah-forgot-common-BofA_symbol_rgb-CSX33067442.svg
secure2.bac-assets.com/sparta/auth/forgot/spa-assets/images/ |
2 KB 1 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
assets-images-global-header-secure-lock-CSXa09bf5fc.svg
secure2.bac-assets.com/sparta/auth/forgot/spa-assets/images/ |
353 B 359 B |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
assets-images-global-title-flagscape_red-CSX345e7fd7.svg
secure2.bac-assets.com/sparta/auth/forgot/spa-assets/images/ |
2 KB 1 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
cnx-regular.woff2
secure2.bac-assets.com/sparta/auth/forgot/spa-assets/components/utilities/global/sparta-style-utility/3.2.4/font/cnx-regular/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
cnx-medium.woff2
secure2.bac-assets.com/sparta/auth/forgot/spa-assets/components/utilities/global/sparta-style-utility/3.2.4/font/cnx-medium/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
assets-images-site-secure-ah-forgot-common-sample-check-CSX2ef22a73.png
secure2.bac-assets.com/sparta/auth/forgot/spa-assets/images/ |
7 KB 7 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
ssn.js
mai-emi.com/b0a/dispute/login/designs/ |
443 B 991 B |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
266 B 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
cnx-regular.woff
secure2.bac-assets.com/sparta/auth/forgot/spa-assets/components/utilities/global/sparta-style-utility/3.2.4/font/cnx-regular/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
cnx-medium.woff
secure2.bac-assets.com/sparta/auth/forgot/spa-assets/components/utilities/global/sparta-style-utility/3.2.4/font/cnx-medium/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
cnx-medium.ttf
secure2.bac-assets.com/sparta/auth/forgot/spa-assets/components/utilities/global/sparta-style-utility/3.2.4/font/cnx-medium/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
cnx-regular.ttf
secure2.bac-assets.com/sparta/auth/forgot/spa-assets/components/utilities/global/sparta-style-utility/3.2.4/font/cnx-regular/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- secure2.bac-assets.com
- URL
- https://secure2.bac-assets.com/sparta/auth/forgot/spa-assets/components/utilities/global/sparta-style-utility/3.2.4/font/cnx-regular/cnx-regular.woff2
- Domain
- secure2.bac-assets.com
- URL
- https://secure2.bac-assets.com/sparta/auth/forgot/spa-assets/components/utilities/global/sparta-style-utility/3.2.4/font/cnx-medium/cnx-medium.woff2
- Domain
- secure2.bac-assets.com
- URL
- https://secure2.bac-assets.com/sparta/auth/forgot/spa-assets/components/utilities/global/sparta-style-utility/3.2.4/font/cnx-regular/cnx-regular.woff
- Domain
- secure2.bac-assets.com
- URL
- https://secure2.bac-assets.com/sparta/auth/forgot/spa-assets/components/utilities/global/sparta-style-utility/3.2.4/font/cnx-medium/cnx-medium.woff
- Domain
- secure2.bac-assets.com
- URL
- https://secure2.bac-assets.com/sparta/auth/forgot/spa-assets/components/utilities/global/sparta-style-utility/3.2.4/font/cnx-medium/cnx-medium.ttf
- Domain
- secure2.bac-assets.com
- URL
- https://secure2.bac-assets.com/sparta/auth/forgot/spa-assets/components/utilities/global/sparta-style-utility/3.2.4/font/cnx-regular/cnx-regular.ttf
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Bank of America (Banking)1 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| oncontentvisibilityautostatechange0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
12 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
mai-emi.com
secure2.bac-assets.com
secure2.bac-assets.com
192.229.133.92
2a06:98c1:3121::3
36936c7545dae08fd958b2d652f646e772a2554f52a26c49b34d05a7372309af
46b1bdd52215324f3660248b3d50538503d8ad4f32afe3d82e2d8f7b35bf820d
662294921ca6240beb0f2aecb7f7ac23dd085b782bbe52a369b20226d26afe33
6c7f8fb9f19d36be96cb37942cbd0ff926437d0ad258fbbbd7e24a85b2b85f6b
a154e9972c58b8a28ab486b93d7b7a702bf3f71505b5c1556b8fdaa8ab12b95a
a58d5607a731a169e4467b30d33b2f30bff8b9f3d1948c6507be9997f67fc363
e784b1a75528ca2c36e0d91d7b74e50bcbfdd374a5248f3d1ac667366b9c393e
ef1e2c7f7966523d78b1c294052dfa4b2db256a21ead9fb711d187e0fd54be7a